System and method for user authentication

ABSTRACT

A method and system for authenticating a user to access a computer system. The method comprises communicating security information to the computer system, and providing the computer system with an implicit input. The method further comprises determining whether the security information and implicit input match corresponding information associated with the user. The method further comprises granting the user access to the computer system in the event of a satisfactory match. When authenticating the user, the method and system consider the possibility of the user being legitimate but subject to duress or force by a computer hacker.

RELATED APPLICATIONS

This application is a continuation of U.S. patent application Ser. No.10/877,782, filed Jun. 25, 2004, which is a continuation of U.S. patentapplication Ser. No. 09/511,092, filed Feb. 23, 2000, now U.S. Pat. No.6,766,456, issued on Jul. 20, 2004, the entireties of which are herebyincorporated herein by reference in their entireties.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The invention relates generally to methods of accessing a securecomputer system. More particularly, this invention relates to a methodand system for authenticating an identity of a user before accessing acomputer system.

2. Description of the Related Art

In today's information age, a user is generally required to execute orpass some form of a security step, such as entering a privateidentification code or password, to access a computer system. As thecomputer stored information or application becomes more sensitive orvaluable, greater security measures are desired to verify the identityand legitimacy of the user before allowing access to the computer systemthat contains such information or application. The use of a passwordalone, however, has become less reliable to authenticate the user. Thereduced reliability of using a password alone has been due to a computerhacker's ability to locate, copy, or electronically identify or trackthe required password using specialized software programs. In somecases, computer hackers are simply able to obtain the user's password byexercising duress or force. Accordingly, the use of a password alone toauthenticate the user for access to the computer system has not beenvery reliable.

Instead of or in combination with entering a password, some computersystems are designed to authenticate the user by requiring the user toturn a conventional key or swipe a machine readable card. Thesetechniques, however, are still subject to the same weaknesses as thoseidentified for using a password. Recently, some computer makersconsidered using the user's fingerprint to authenticate and grant accessto the computer system. In such a system, a peripheral device, such as amouse, includes a fingerprint acquisition module that provides to thecomputer a signal representative of the fingerprint of the user. Thecomputer compares the user's fingerprint signal to a list of signalsstored in its memory. If the user's fingerprint signal matches a signalthat is stored in the computer memory, the user is granted access to thecomputer system, otherwise access is denied. For further details aboutsuch computer system, reference is made to U.S. Pat. No. 5,838,306issued to O'Connor et al. on Nov. 17, 1998, which is incorporated in itsentirety by reference. Using a fingerprint is still not immune to thecomputer hacker's ability to force the user to place his/her finger onthe acquisition device. Moreover, a sophisticated computer hacker may beable to copy the user's fingerprint and provide a simulated signal tothe computer system to obtain access.

Therefore, the above-described authentication techniques do not overcomea computer hacker's ability to access the computer by forcing the userto enter a password, turn a key, swipe a card, or place the user'sfinger on a fingerprint acquisition device. There is a need in thecomputer technology to provide an implicit authentication technique thatis immune to force or theft by computer hackers.

SUMMARY OF THE INVENTION

To overcome the above-mentioned limitations, the invention provides amethod and system for authenticating a user to access a computer system.The method comprises communicating security information to the computersystem, and providing the computer system with an implicit input. Themethod further comprises determining whether the security informationand implicit input match corresponding information associated with theuser. The method further comprises granting the user access to thecomputer system in the event of a satisfactory match.

The system comprises a user interface configured to communicate securityinformation and an implicit input to the computer. The system furthercomprises a compare circuit that is operationally coupled to the userinterface. The compare circuit is configured to determine whether thesecurity information and implicit input match corresponding informationassociated with the user. The system further comprises a process circuitthat is operationally coupled to the compare circuit. The processcircuit is configured to grant the user access to the computer in theevent of a satisfactory match. In another embodiment, the systemcomprises means for interfacing the user with the computer. Theinterfacing means is configured to communicate security information andan implicit input to the computer. The system further comprises means,operationally coupled to the interfacing means, for comparing thesecurity information and implicit input with corresponding informationassociated with the user. The system further comprises means,operationally coupled to the comparing means, for processing thecompared information and granting the user access to the computer in theevent of a satisfactory match.

BRIEF DESCRIPTION OF THE DRAWINGS

The above and other aspects, features, and advantages of the inventionwill be better understood by referring to the following detaileddescription, which should be read in conjunction with the accompanyingdrawings, in which:

FIG. 1 is a block diagram showing one embodiment of a computer system inaccordance with the invention.

FIG. 2 is a perspective view of a peripheral device that may be usedwith the invention.

FIGS. 3A, 3B, 3C, and 3D illustrate exemplary patterns that arerecognized by the computer system of FIG. 1.

FIG. 4 is a flowchart describing one embodiment of the method ofauthenticating a user in accordance with the invention.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

The following description is not to be taken in a limiting sense, but ismade merely for the purpose of describing the general principles of theinvention. The scope of the invention should be determined withreference to the claims.

FIG. 1 is a block diagram showing one embodiment of a computer system100 in accordance with the invention. As shown in FIG. 1, the computersystem 100 comprises a user interface 110 that is operationallyconnected to a process circuit 120. The user interface 110 may be anyinput device that is used to enter or communicate information to thecomputer system 100, such as a keyboard, mouse, trackball, pointer,touch-screen, remote terminal, audio sensor, optical scanner, telephone,or any similar user interface. The user interface may provide inputsignals to the computer system 100 in an analog form, which typicallyrequires conversion to digital form by the computer system 100, or in adigital form. For example, when using a keyboard, a computer user (notshown in this figure) may enter a password representing a unique seriesof keys. When using a mouse or trackball, the user may enter a uniqueseries of clicks using left, center, and/or right buttons of the mouse.Alternatively, the user may enter a unique geometric pattern (see FIGS.3A-3D) concurrently with or shortly after entering the password. Whenusing an audio sensor, such as a microphone, the user may enter audioinformation, such the user's voice, which may be uniquely identified bythe computer system 100. When using an optical scanner, the user mayscan his/her fingerprint or other physical feature such as the retinainto the computer system 100 for authentication.

Any, a combination, or all of the above-described types of input signalsmay be used to authenticate a user. For example, the computer system 100may be designed to receive a combination of input signals in a form of apassword from a keyboard, in a form of a fingerprint scan from anoptical scanner (e.g., placed on the keyboard or mouse), and in a formof a geometric pattern from a mouse or trackball. The user may inputthese signals substantially concurrently, or in any agreed uponsequence. For example, the user may enter a password through thekeyboard and, within a predetermined duration of time (e.g., 5 seconds),place his/her finger on the mouse to be scanned while moving the mousein a specified pattern, e.g., clockwise circle. As further describedbelow, before granting the user's request for access, the computersystem 100 may be configured to recognize the combination of a password,fingerprint, and a particular pattern that is unique to each user.

The process circuit 120 is configured to receive input signals from theuser interface 110 for processing. If the input signals are in analogform, the process circuit 120 converts the input signals to digital formfor further processing. If desired or necessary, the process circuit 120filters undesired components of the input signals, so that onlycomponents that are necessary for identification are passed on. Theprocess circuit is operationally connected with a timer 130 thatmeasures time duration between the various input signals. As notedabove, the computer system 100 may be configured to recognize and acceptfor processing input signals (e.g., password) that occur within apredetermined duration of time from other input signals (e.g.,fingerprint scan or pattern). Accordingly, the process circuit 120 mayinstruct the timer 130 to measure time between input signals todetermine whether the user is an authorized user. For example, theduration between entering a password and performing a fingerprint scanand/or pattern may be set to a maximum of 10 seconds. If, after enteringa legitimate password, the user takes too long (i.e., greater than 10seconds) to perform a fingerprint scan and/or pattern, the processcircuit 120 may deny access to the computer system 100, as described forthe method of FIG. 4.

If, on the other hand, the user performs a fingerprint scan and/orpattern within the designated time, the process circuit 120 communicatesthe input signals to a compare circuit 150 for authentication. Thecompare circuit 150 is operationally coupled to a memory 140, whichstores a list of legitimate user identifications (ID's) with respectivepasswords, fingerprint, pattern, or any other type of information(“security information”) for recognition by the computer system 100. Theprocess circuit 120 may instruct the memory 140 to communicate securityinformation to the compare circuit 150 for authentication. The comparecircuit 150 also receives and compares input information from theprocess circuit 120 with the security information received from thememory 140. If there is a match between the input and securityinformation, the compare circuit 150 issues a “pass” signal to thecomputer system 100 (e.g., a host processor) indicating acceptance ofand authorizing access by the user. If the input and securityinformation do not match, the compare circuit issues a “flag” signalindicating denial of access by the user.

In one embodiment, the user is always required to perform an implicit,invisible, or non-apparent act (the “implicit” act or input). Theimplicit input may include an active and/or a passive act. For instance,in performing the active act, the user may generate a geometric pattern(e.g., using a mouse) when requesting access to the computer system 100.The computer system 100 may be configured to recognize a particulargeometric pattern under the condition that the user performs suchpattern concurrently with, or after a predetermined duration from,scanning his/her fingerprint. In performing the passive act, the usermay wait a predetermined time intervals between entry of variouscomponents of the security information or, for instance, may skip apredetermined letter of each component of the security information. Inheightened security applications, it may be desirable to configure thecomputer system 100 to issue a security alert to the responsibleauthority (e.g., security guards or law enforcement personnel) if theuser fails to perform the geometric pattern. Accordingly, even if thecompare circuit 150 determines that the input (e.g., fingerprint) andsecurity information do match, the compare circuit 150 may still issuethe flag signal because of the user's failure to perform the geometricpattern.

In such a scenario, the computer system 150 recognizes that while theuser may be legitimate, the user's failure to perform the geometricpattern may be an indication that the user is experiencing duress orforce to access the computer system 100, as described for the method ofFIG. 4. In some applications, it may be desirable to grant a limitedaccess to the user to give the false impression that access to thecomputer system 100 is granted as usual. As used herein, “limitedaccess” is any access that provides a user or intruder access that isless than complete access to the computer system 100. However,concurrently with the limited access, a silent security alert may beissued to security personnel, without allowing the user or intruder toknow. Using the silent security alert mode silent alert minimizes riskto the user under duress.

Any of the structural components of the computer system 100, e.g., theprocess circuit 120 and compare circuit 150, may be implemented usingcommonly known hardware, such as one or more digital circuits, toperform the authentication functions of the computer system 100.Alternatively, the functions of such structural components may beimplemented using a dedicated signal processor, such as a digital signalprocessor (DSP), that is programmed with instructions to perform theauthentication functions of the computer system 100.

FIG. 2 is a perspective view of a peripheral device 200 that may be usedwith the invention. The peripheral device 200 may comprise a mouse thatcommunicates signals with the computer system 100 (see FIG. 1) via acable 230, or via a wireless link (not shown in this figure) such as aradio frequency (RF) or infrared (IR) link. In one embodiment, the userinterface 110 (see FIG. 1) may comprise the peripheral device 200through which a user may send user security information (e.g., a userID, password, fingerprint scan, and a specified pattern) to the computersystem 100 to obtain access thereto.

As shown in FIG. 2, the peripheral device 200 comprises one or morebuttons 210, 212, 214, and 216, which, when pressed by the user, sendvarious signals that are recognized by the computer system 100. Asdescribed above, in addition to a password and fingerprint scan, thecomputer system 100 may be configured to require the user to enter apattern comprising a unique sequence of button pressings to authenticatethe user. Accordingly, concurrently with or shortly after thefingerprint scan, the user may press one or more of the buttons 210-216to generate a unique sequence of signals before the computer system 100may grant access. For example, the sequence of signals may be generatedby pressing the button sequence 214, 212, 216, and 212. In response tothe user security information, the computer system 100 determines if theuser may be granted access as described above.

The peripheral device 200 may optionally comprise a trackball (not shownin this figure) that allows the user to manipulate the position of apointer on a visual display, such as a display monitor, in response andproportionally to the motion of the trackball on a surface, such as apad. The characteristics and operation of such a trackball are wellknown in the art. The peripheral device 200 may also comprise one ormore optical scanner windows 220, 222, 224, and 226. If theauthentication process requires a fingerprint scan, one or more of thescanner windows 220-226 may scan the fingerprint of the user and form anelectronic image of the fingerprint. The peripheral device 200 sends theelectronic image to the computer system 100 for authenticating the useras described above. The characteristics and operation of the opticalscanner windows 220-226 are well known in the art.

As noted above, in addition to entering a password and fingerprint scan,the computer system 100 may be configured to require the user to enter aunique geometric pattern via the peripheral device 200 to authenticatethe user. Accordingly, concurrently with or shortly after thefingerprint scan, the user may move the peripheral device 200 on a flatsurface in a predetermined geometric pattern to generate the uniquegeometric pattern, as outlined by the trackball of the peripheral device200. FIGS. 3A, 3B, 3C, and 3D illustrate exemplary patterns that arerecognized by the computer system 100. As shown in FIG. 3A, the user maymove the peripheral device 200 to generate a triangle 310 in a specifieddirection on the flat surface. The peripheral device 200 sends thegenerated pattern in a form of electrical signals to the computer system100 for authentication. As described above, if the computer system 100determines that the generated pattern matches a pattern stored in thememory 140 (see FIG. 1), the computer system 100 grants the access. If,on the other hand, the computer system 100 determines that the generatedpattern does not match a stored pattern, the computer system 100 maydeny access or, if configured to do so, lock up the computer system 100and generate a security alert to the responsible authorities.

FIG. 3B shows another exemplary pattern in a form of a rectangle 320that may be generated by the user via the peripheral device 200. FIG. 3Cshows another exemplary pattern in a form of a straight line 330 thatmay be generated by the user via the peripheral device 200. Finally,FIG. 3D shows still another exemplary pattern in a form of a circle 340that may be generated by the user in a clockwise direction via theperipheral device 200.

FIG. 4 is a flowchart describing one embodiment of the method ofauthenticating a user in accordance with the invention. The method ofthe invention commences at block 400 when the computer system 100(FIG. 1) is first powered up. At block 410, the user enters the user'ssecurity information such as a user identification, password, and/orfingerprint scan, pursuant to system access instructions. At a decisionblock 416, the computer system 100 determines whether the enteredsecurity information matches corresponding information in the memory140. If the security information does not match, the method proceeds toblock 470 where the computer system 100 denies access to the user. If,on the other hand, the security information matches correspondinginformation in the memory 140, the method proceeds to block 420.

In this embodiment, the computer system 100 is configured to recognizethe implicit input that the user enters concurrently with, or within apredetermined duration of, entering the security information. As notedabove, the implicit input may be a geometric pattern that the usergenerates via the user interface 110. Accordingly, at block 420, thecomputer system 100 waits and searches for a predetermined patternsignal from the user interface 110. The pattern signal may be in analogor digital form that represents the pattern that the user generates,e.g., the circle 340. At a decision block 424, the computer system 100determines if a pattern signal is received from the user interface 110within the predetermined duration. If a pattern signal is not receivedor found, the method proceeds to block 436. If, on the other hand, apattern signal is received from the user interface 110, the methodproceeds to a decision block 428, where the computer system 100determines whether the pattern signal matches a corresponding patternsignal stored in memory 140. If the entered pattern signal matches thestored pattern signal, the method proceeds to block 460 where thecomputer system 100 grants the user's request for access. If, on theother hand, the entered signal pattern does not match the stored patternsignal, the method proceeds to the decision block 436.

As indicated above, the computer system 100 may be configured to operatein an alert mode if desired by the system administrator. The alert moderepresents a mode of operation wherein the computer system 100 respondsto an access request using an authentication process that is morestringent than when operating in a non-alert (“normal”) mode. Forinstance, upon receiving instructions to heighten security measures(e.g., in response to an overt threat or intelligence information), thesystem administrator may configure the computer system 100 to operate inthe alert mode. Alternatively, the system administrator may configurethe computer system 100 to operate in the alert mode based on anydesired criteria, such as geographic location of the computer system100, content or sensitivity of stored information, and/or other factors.In the alert mode, the computer system 100 alerts security personnel ifit is determined that there is a possibility of a security breach.Accordingly, at block 436, the computer system 100 determines if thealert mode is activated. If the alert mode is not activated, the methodproceeds to block 470, where the computer system 100 denies the user'srequest to access the computer system 100. If, on the other hand, thealert mode is activated, the method proceeds to block 440. Thus, in theevent of an absent or incorrect pattern signal, the computer system 100avoids issuing unwarranted security alerts when operating in the normalmode. However, if it is operating in the alert mode, the computer system100 applies a stringent authentication process and issues securityalerts in the event of an absent or incorrect pattern signal.

As noted above, the computer system 100 may represent at least a portionof a computer network that is accessible via multiple user terminals,including security and supervisory personnel terminals. Accordingly, ifthe alert mode is activated, then at block 440 the computer system 100is configured to issue an alert signal to a predetermined destination,e.g., a security terminal that is accessible by security personnel. Thealert signal may be a text message indicating that a potential securitybreach or unauthorized attempt to access the network has occurred at aparticular location, e.g., electronic or physical address of thecomputer system 100. At block 446, the computer system 100 determineswhether the silent alert mode is activated. As noted above, the silentalert mode allows a limited access to a user that is potentially underthe influence of duress or force. Hence, the system administrator mayselectively activate or deactivate the silent alert mode based on anydesired criteria, such as the level of safety necessary for users at aparticular location.

Accordingly, if the silent alert mode is not activated, the methodproceeds to block 470 where the computer system 100 denies the useraccess to the computer system 100. If, on the other hand, the silentalert mode is activated, the method proceeds to block 450 where thecomputer system 100 downgrades or limits the scope of access for theuser who entered the security information. As noted above, limitedaccess is any access that provides a user or intruder access that isless than complete access to the computer system 100. For example, thelimited access may allow the user to read or view only a particular listof files that do not contain sensitive information. The limited accessmay also include preventing the user from printing or copying any filesthat are stored in the computer system 100. After downgrading the scopeof access for the user, the method proceeds to block 460 where thecomputer system 100 provides the user with limited access to thecomputer system 100. As noted above, while the computer system 100grants the user with the limited access, the computer system issues thealert signal to security personnel without notifying the user orintruder that any such signal was issued. The method terminates at block490 after either granting the user's request at block 460 or denying theuser's request at block 470 to access the computer system 100.

In view of the foregoing, it will be appreciated that the inventionovercomes the long-standing need for a method and system for correctlyauthenticating a user despite the presence of duress and force by acomputer hacker. The invention may be embodied in other specific formswithout departing from its spirit or essential characteristics. Thedescribed embodiment is to be considered in all respects onlyillustrative and not restrictive. The scope of the invention is,therefore, indicated by the appended claims rather by the foregoingdescription. All changes that fall within the meaning and range ofequivalency of the claims are to be embraced within their scope.

1. A method of authenticating a user of an electronic device, the methodcomprising: prompting a user to input security information; receiving inan electronic device the security information from the user; receivingin the electronic device an authorization pattern, wherein entry of theauthorization pattern is non-prompted, and wherein the receiving of thenon-prompted authorization pattern occurs after the receiving of thesecurity information; authenticating the security information;determining whether the non-prompted authorization pattern matches astored pattern; measuring a duration of time between the receiving ofthe security information and the receiving of the non-promptedauthorization pattern; and granting the user access to the electronicdevice if the measured duration of time is less than a designated amountand in the event of a satisfactory match between the non-promptedauthorization pattern and the stored pattern.
 2. The method of claim 1,wherein the non-prompted authorization pattern corresponds to aparticular movement of an input device.
 3. The method of claim 2,wherein the input device includes at least one of a mouse, a trackball,a keyboard, a touch screen, a microphone, and a scanner.
 4. The methodof claim 1, additionally comprising denying the user access to theelectronic device in the event of an unsatisfactory match between thenon-prompted authorization pattern and the stored pattern.
 5. The methodof claim 1, additionally comprising granting the user partial access tothe electronic device in the event of an unsatisfactory match betweenthe non-prompted authorization pattern and the stored pattern.
 6. Themethod of claim 1, additionally comprising denying the user access tothe electronic device if the measured duration of time is not less thana designated amount.
 7. The method of claim 1, additionally comprisinggranting the user partial access to the electronic device if themeasured duration of time is not less than a designated amount.
 8. Themethod of claim 1, wherein the security information comprises apassword.
 9. A method of user authentication, the method comprising:prompting a user of an electronic device to input authenticationinformation; receiving authentication information from the user;receiving an authorization pattern input by the user, wherein theinputting of the authorization pattern is non-prompted; authenticatingthe authentication information; determining whether the authorizationpattern matches a stored pattern; and granting the user access to theelectronic device in the event of a satisfactory match.
 10. The methodof claim 9, additionally comprising measuring a duration of time betweenthe receiving of the authentication information and the receiving of theauthorization pattern.
 11. The method of claim 9, wherein theauthorization pattern is provided by the user through an input device.12. The method of claim 11, wherein the input device comprises a mouse.13. The method of claim 11, wherein the authorization patterncorresponds to a particular movement of the input device.
 14. The methodof claim 9, wherein the authentication information comprises a useridentification.
 15. The method of claim 9, wherein the authenticationinformation comprises a password.
 16. The method of claim 9,additionally comprising issuing a security alert in the event of anunsatisfactory match between the authorization pattern and the storedpattern.
 17. The method of claim 16, wherein the security alertcomprises a silent alert.
 18. The method of claim 9, additionallycomprising limiting the scope of user access to the electronic device inthe event of an unsatisfactory match between the authorization patternand the stored pattern.
 19. The method of claim 9, wherein the act ofprompting a user is performed by a user interface.
 20. A system forauthenticating a user of an electronic device, the system comprising: atleast one input device coupled to an electronic device; a user interfaceconfigured to prompt a user to provide authentication information withthe at least one input device; a processor coupled to the at least oneinput device and configured to receive said authentication informationfrom the at least one input device, said processor being furtherconfigured to receive from the at least one input device a non-promptedauthorization pattern; a timer configured to measure a duration of timebetween the receiving of the authentication information and thereceiving of the non-prompted authorization pattern; a memory configuredto store a predetermined pattern; and a compare circuit coupled to theprocessor and to the memory, wherein the compare circuit is configuredto compare at least the non-prompted authorization pattern with thepredetermined pattern, and wherein the compare circuit is configured togrant the user access to the electronic device in the event of asatisfactory match.
 21. The system of claim 20, wherein the comparecircuit is configured to deny the user access to the electronic deviceif the measured duration exceeds a designated duration.
 22. The systemof claim 20, wherein the compare circuit is configured to grant the userpartial access to the electronic device if the measured duration exceedsa designated amount.
 23. The system of claim 22, wherein the partialaccess does not allow the user to electronically copy information storedon the electronic device.
 24. The system of claim 20, wherein the atleast one input device comprises a mouse.
 25. The system of claim 24,wherein the at least one input device further comprises a keyboard. 26.The system of claim 25, wherein the non-prompted authorization patterncorresponds to particular movement of the mouse.
 27. The system of claim26, wherein the authentication information is input through thekeyboard.
 28. The system of claim 26, wherein the non-promptedauthorization pattern corresponds to an implicit act.
 29. The system ofclaim 28, wherein the implicit act is a passive act.
 30. The system ofclaim 20, wherein the at least one input device includes at least one ofa mouse, a trackball, a keyboard, a touch screen, a microphone, and ascanner.
 31. The system of claim 20, wherein the non-promptedauthorization pattern corresponds to movement of the at least one inputdevice.
 32. A system for authenticating a user of an electronic device,the system comprising: a user interface configured to instruct a user toprovide security information to an electronic device; and processcircuitry coupled to the user interface and configured to receive afirst input signal representing said security information, wherein saidprocess circuitry is further configured to receive a second input signalrepresenting a non-prompted authorization pattern, and wherein saidprocess circuitry in further configured to determine the authenticity ofsaid security information and of said non-prompted authorizationpattern.
 33. The system of claim 32, further comprising a memoryconfigured to store a predetermined pattern.
 34. The system of claim 33,wherein the process circuitry comprises a compare circuit configured tocompare the non-prompted authorization pattern with the predeterminedpattern.
 35. The system of claim 34, wherein the process circuitry isconfigured to grant the user access to the electronic device in theevent of a satisfactory match between the non-prompted authorizationpattern and the predetermined pattern.
 36. The system of claim 32,wherein the non-prompted authorization pattern corresponds to particularmovement of an input device.
 37. The system of claim 36, wherein theinput device comprises a mouse.
 38. The system of claim 32, furthercomprising a timer coupled to the process circuitry and configured tomeasure a duration of time between the receiving of the first inputsignal and the receiving of the second input signal.
 39. The system ofclaim 38, wherein the process circuitry is further configured to denythe user access to the electronic device if the measured durationexceeds a predetermined amount.
 40. The system of claim 32, wherein saidsecond input signal comprises a sequence of electrical signals.
 41. Asystem for authenticating a user of an electronic device, the systemcomprising: means for prompting the input of security information by auser; means for inputting the security information; means for inputtingan authorization pattern, wherein the input of the authorization patternis non-prompted; and means for comparing the security information andthe non-prompted authorization pattern with respective informationassociated with the user, wherein said means for comparing is configuredto grant the user access to an electronic device in the event of asatisfactory match between the security information and non-promptedauthorization pattern and the respective information associated with theuser.
 42. The system of claim 41, further comprising means for measuringa duration of time between the input of the security information and theinput of the non-prompted authorization pattern.
 43. The system of claim42, wherein further user access to the electronic device is denied ifthe measured duration exceeds a threshold amount.
 44. The system ofclaim 41, wherein the security information comprises at least one of auser identification and a password.
 45. The system of claim 41, furthercomprising means for generating an alert signal in the event of anunsatisfactory match between the non-prompted authorization pattern andthe respective information associated with the user.
 46. The system ofclaim 41, wherein the means for comparing is configured to grant theuser a limited scope of access to the electronic device in the event ofan unsatisfactory match between the non-prompted authorization patternand the respective information associated with the user.